[Samba] winbind and AD authentication on AIX
Fabio Bucciarelli
fbucciarelli at regione.emilia-romagna.it
Mon Apr 24 08:50:51 GMT 2006
Hi.
I'm trying to use AD authentication under AIX 5.3.
I've compiled samba 3.0.22 with options:
./configure --prefix=/usr/local/samba --with-winbind --with-ads
--with-krb5=/usr/heimdal --with-ldap --with-acl-support
--with-aio-support=yes
Then I copied the WINBIND file in /usr/lib/security/ directory, I edited
methods.cfg file adding the stanza:
WINBIND:
program = /usr/lib/security/WINBIND
options = debug
and I added the WINBIND SYSTEM in /etc/security/user file:
default:
...
SYSTEM = "compat or WINBIND"
...
and then I joined to the domain.
Now I can use AD authentication for samba shares and I can see AD users
with wbinfo -u, with id or with lsuser commands (same for AD groups),
but if I can't use AD authentication for unix login.
Trying su - bucciarelli_f I obtain this message:
3004-503 Cannot set process credentials and this message in the syslog:
Apr 24 10:40:20 aix03srv auth|security:crit su: BAD SU from root to
_0010000 at /dev/pts/0
Trying ssh -l bucciarelli_f localhost I obtain these messages in the
syslog:
Apr 24 10:40:38 aix03srv auth|security:info sshd[475526]: Login
restricted for bucciarelli_f: You entered an invalid login name or
password.
Apr 24 10:40:38 aix03srv auth|security:info sshd[475526]: Failed none
for invalid user bucciarelli_f from 127.0.0.1 port 58997 ssh2
Apr 24 10:40:43 aix03srv auth|security:info sshd[475526]: Failed
password for invalid user bucciarelli_f from 127.0.0.1 port 58997 ssh2
Apr 24 10:40:43 aix03srv auth|security:info syslog: ssh: failed login
attempt for UNKNOWN_USER from loopback
Nothing strange in the WINBIND_DEBUG.log files.
Thanks in advance.
Fabio Bucciarelli
More information about the samba
mailing list